Call into 614-LULZSEC and pick a target and we'll obliterate it.
Nobody wants to mess with The Lulz Cannon - take aim for us, twitter. #FIRE

In addition to attacks on League of Legends, EVE Online,
and Minecraft, the group attacked gaming magazine The
Escapist, and government-software contractor Finfisher, as we summarize here.

But the group also let slip that it's waiting on 8 phone requests for
additional targets. It's unclear whether the group will hit those targets
today, or take a break from firing its DDoS "cannon".

LulzSec implied in one tweet that it's infecting 4Chan users
and using their machines in a distributed denial of service (DDoS) botnet.
The group writes:

The best part about making 50% of all /b/tards our bots is that
they leave their daddy's laptops on 24/7, more bandwidth for us. :3

The fact that the group is taking phone calls at a time when they've attacked
the U.S. government from several angles is rather bold -- some would say
foolish. Clearly the art of phone obfuscation is not dead, given that no
arrests have been made yet, despite the group's active call line, which is
surely being observed by the U.S. Federal Bureau of Investigation and others.

DDoS hacks aren't "official" hacks according to the band of bandits.
They state:

We didn't hack any games, we just DDoS'd them with our
not-to-be-messed-with Lulz Cannon. :D We did hack these though: lulzsecurity.com/releases

We'll keep you updated on who gets hacked/DDoSed next "for the lulz".

Update: Wed. June 15, 2011 12:50 p.m. --

It appears that LulzSec has taken down the server for MMORPG Heroes of Newerth (a game very similar to World of Warcraft). The group taunts that the Defense of the Ancients ("DotA") custom scenario for Warcraft III: Reign of Chaos "is better."

The group also posted to Twitter that it's preparing for another EVE Online attack.

Comments

So far they have been just playing script kiddies. Why don't they just move to better targets?

Taking down some network gear would be cool for starters. There are several ways to do it. Taking down root DNS servers would be an excellent point. You don't need to take down everything, you just need to know where the exit point is for example. With time and preparation that is easily planned. Now that would be what I call a sophisticated and structured attack.

How do you propose they take it down? Even if they took it down, do you really think it will matter? The entire Internet backbone, especially at Level 3, is redundant as hell. Exit points on Tier 1 providers are usually multiple gigs and have multiple exits. On top of that, you likely run through them at some point, so you will be knocking yourself down.

If we can't defend against these pitiful attacks a freshman CS major could write the code for, what are we going to do in a cyber war? I hope this forces the world to wake up and start taking computer security seriously.

If I send you five million letters, how do you defend your mailbox? You can throw them away, but if I did it non-stop for a period of time, you can't do much except get them and throw them away, but if I do it fast enough, you can't keep up. There are mitigation techniques, but DDOS is a hard thing to defend against.

SQL attacks on the other hand are clearly administrator issues, but don't lump everything together.

They could easily write a program to DDoS a whole ASNumber rather than 1 IP. Take out the ASNumber and you've killed BGP and failover. Botnets are powerful if you know what you're doing with them but it would still have to be a very large botnet to kill a whole AS.

How do you DDOS an AS number? It is not an addressable thing. Any carrier worth their weight only allows communication with specific peers on the edge. You can't kill an AS, cause it is just a domain, you might have 100 routers in that one domain. I would have to see what you actually plan to do, but I have no Earthly idea how you would take down an AS number. The AS is literally just an identifier used in the BGP header, it isn't an actual device. I don't think you really understand how BGP works.

I suspect what you actually mean, unbeknownst to you, is send out fake updates to BGP and either black hole a whole routing block or the entire table or just shutdown the peering. Again, this is a complex feat and there are multiple exits so BGP will recover just fine.

While I'm not in the area of external routing protocols like BGP or IS-IS and others, OSPF has several vulnerabilities. Most of the attacks you CAN make are not at the OSPF process ID, but link state calculations and election events.

L2, spanning tree at first seems bullet proof. And it is. But it is also highly complex, and I rarely see it 100% well implemented, leaving plenty of room for an "ICE 9" type of attack on election and VTP routines.

A Denial Of Service can come in different forms. And sometimes there is no need to hack anything. Just expect technology to work "as designed".

quote: While I'm not in the area of external routing protocols like BGP or IS-IS

And you lose all credibility. IS-IS is an internal routing protocol, link state no less, just like OSPF. BGP is the only external routing protocol currently used.

I wasn't sure if you were dumb or just didn't understand the language, but you obviously have no idea what you are talking about.

I'm sure everyone is hacking spanning tree and friggin' OSPF, what a joke. None of this stuff seems bulletproof, but you have to point out valid vulnerabilities, not made up garbage stemming from a complete lack of knowledge on the subject.

Honestly, if you knew more about BGP, I would be terrified about what garbage you would make up.